jeXXmLxQiyuhGYGxgtdlGOzfFDvMCPlAwkKRSjZpSYIiQHuysvhoSSKuhCIXzDBVZSxYIWqbyTNNJmwAFDVzTRXITsJVTOlssbarQhadBOHWMETKkgSBnlOusYkUGkoY[.]vmp[.]exe

Resubmissions

09/01/2024, 02:08

240109-ckyrqsbegk 5

09/01/2024, 02:02

09/01/2024, 01:57

09/01/2024, 01:55

09/01/2024, 01:51

Sharing

Copy URL Twitter E-mail

General

Target

jeXXmLxQiyuhGYGxgtdlGOzfFDvMCPlAwkKRSjZpSYIiQHuysvhoSSKuhCIXzDBVZSxYIWqbyTNNJmwAFDVzTRXITsJVTOlssbarQhadBOHWMETKkgSBnlOusYkUGkoY.vmp.exe
Size

374KB
MD5

b8cf36272e44d45e1907f5652201d31e
SHA1

b3485e1e1810e6d50f8c974b20c0d27d83163327
SHA256

98f3159d324bd7c7bc47433384886e213dc91e171d1cbaf92800a1a9ff1a0ab0
SHA512

a4532aa38113959e54a5775951dff92269784f6da1cf3a76f3b3c82e32c037dd0e9fe4f51437881b215b3e51c3857070c41b9675bc42b1e696837e571bf96576
SSDEEP

6144:WtrenhfND7tbZLj2OTn2I2eoa7fYeyYlSsy6taJPTNEv87J/gtN:WUhVtN/2dajYeyYjy/B6vOJ/gtN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
jeXXmLxQiyuhGYGxgtdlGOzfFDvMCPlAwkKRSjZpSYIiQHuysvhoSSKuhCIXzDBVZSxYIWqbyTNNJmwAFDVzTRXITsJVTOlssbarQhadBOHWMETKkgSBnlOusYkUGkoY.vmp.exe

Files

jeXXmLxQiyuhGYGxgtdlGOzfFDvMCPlAwkKRSjZpSYIiQHuysvhoSSKuhCIXzDBVZSxYIWqbyTNNJmwAFDVzTRXITsJVTOlssbarQhadBOHWMETKkgSBnlOusYkUGkoY.vmp.exe
.exe windows:4 windows x86 arch:x86

Password: jeXXmLxQiyuhGYGxgtdlGOzfFDvMCPlAwkKRSjZpSYIiQHuysvhoSSKuhCIXzDBVZSxYIWqbyTNNJmwAFDVzTRXITsJVTOlssbarQhadBOHWMETKkgSBnlOusYkUGkoY

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.yx`
Size: - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.$!h
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8M0
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: jeXXmLxQiyuhGYGxgtdlGOzfFDvMCPlAwkKRSjZpSYIiQHuysvhoSSKuhCIXzDBVZSxYIWqbyTNNJmwAFDVzTRXITsJVTOlssbarQhadBOHWMETKkgSBnlOusYkUGkoY

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: - Virtual size: 6KB

.yx` Size: - Virtual size: 195KB

.$!h Size: 512B - Virtual size: 8B

.8M0 Size: 371KB - Virtual size: 370KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: - Virtual size: 6KB

.yx`
Size: - Virtual size: 195KB

.$!h
Size: 512B - Virtual size: 8B

.8M0
Size: 371KB - Virtual size: 370KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B